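<?php
/**
 * Reply handler: checks the captcha, applies the word filter to the posted
 * content and stores the reply in the `htiezi` table.
 *
 * Request input ($_POST): content (reply text), yzm (captcha), tid (thread id).
 * Session input: yzmstr (expected captcha), id (current user id).
 *
 * Security notes:
 *  - Every request value is treated as untrusted. `tid` is reduced to an
 *    integer before it is echoed into the redirect script or sent to SQL.
 *  - The INSERT uses a prepared statement instead of string interpolation.
 *  - The reply text is stored as submitted (after word filtering); whatever
 *    page renders it must HTML-escape it on output.
 *  - NOTE(review): no CSRF token is checked here; the captcha is the only
 *    per-request proof visible in this file.
 */

// Start the session (captcha string and user id live in it).
session_start();
// Database configuration.
include '../public/dbconfig.php';
// Shared function library.
include '../public/functions.php';
// Open the database connection; con() comes from one of the included files.
$link = con();

// ---- Collect request values -------------------------------------------------
// Reply content (may be missing or not a string if the request was forged).
$content = $_POST['content'] ?? '';
// Captcha typed by the user.
$yzm = $_POST['yzm'] ?? '';
// Thread id: accept only a plain decimal string, anything else becomes 0.
$tidRaw = $_POST['tid'] ?? '';
$tid = (is_string($tidRaw) && ctype_digit($tidRaw)) ? (int) $tidRaw : 0;
// Reply time.
$rtime = time();
// Client IP as seen by the web server.
$ip = $_SERVER['REMOTE_ADDR'] ?? '';

// $tid is an integer from here on, so it is safe inside the inline script.
$backUrl = 'detail.php?tid=' . $tid;

// ---- Captcha ----------------------------------------------------------------
// The expected value must exist and be non-empty; otherwise an empty or absent
// `yzm` would compare equal to an unset session value and skip the captcha.
$expectedRaw = $_SESSION['yzmstr'] ?? '';
$expected = is_scalar($expectedRaw) ? (string) $expectedRaw : '';
// Single use: drop the stored captcha after any attempt so it cannot be
// replayed or guessed repeatedly. Assumes the captcha generator sets a fresh
// value when the form is shown again — TODO confirm.
unset($_SESSION['yzmstr']);
if ($expected === '' || !is_string($yzm) || !hash_equals($expected, $yzm)) {
	echo '<script>alert("验证码不正确");window.location.href="' . $backUrl . '";</script>';
	exit;
}

// ---- Request sanity ---------------------------------------------------------
// A reply needs a logged-in user, a valid thread id and textual content.
$uid = $_SESSION['id'] ?? null;
if ($uid === null || $uid === '' || $tid <= 0 || !is_string($content)) {
	echo '<script>alert("回复失败");window.location.href="' . $backUrl . '";</script>';
	mysqli_close($link);
	exit;
}

// ---- Client IP --------------------------------------------------------------
// IPv6 loopback is mapped to 127.0.0.1. ip2long() returns false for any other
// IPv6 (or malformed) address; store 0 in that case.
$ipLong = ip2long($ip === '::1' ? '127.0.0.1' : $ip);
$rip = ($ipLong === false) ? 0 : $ipLong;

// ---- Word filter ------------------------------------------------------------
// Initialise both lists so str_replace() gets arrays even if the table is
// empty or the query fails.
$name = [];
$rname = [];
$filsql = "select id,name,rname from filter";
$filres = mysqli_query($link, $filsql);
if ($filres && mysqli_num_rows($filres)) {
	while ($filter = mysqli_fetch_assoc($filres)) {
		$name[] = $filter['name'];
		$rname[] = $filter['rname'];
	}
}
// Replace each filtered word with its substitute.
$content = str_replace($name, $rname, $content);

// ---- Store the reply --------------------------------------------------------
// Values are bound as parameters, never concatenated into the statement.
$sql = "insert into htiezi(uid,fid,content,rtime,rip)values(?,?,?,?,?)";
$res = false;
try {
	$stmt = mysqli_prepare($link, $sql);
	if ($stmt) {
		$uidParam = (string) $uid;
		mysqli_stmt_bind_param($stmt, 'sisii', $uidParam, $tid, $content, $rtime, $rip);
		$res = mysqli_stmt_execute($stmt);
		mysqli_stmt_close($stmt);
	}
} catch (mysqli_sql_exception $e) {
	// Keep database details out of the response; log them server-side.
	error_log('reply insert failed: ' . $e->getMessage());
	$res = false;
}

// Report the outcome and send the user back to the thread.
if ($res) {
	echo '<script>alert("回复成功");window.location.href="' . $backUrl . '";</script>';
} else {
	echo '<script>alert("回复失败");window.location.href="' . $backUrl . '";</script>';
}
// Close the database connection.
mysqli_close($link);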